Lucene search
K

222 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:2 p.m.6 views

CVE-2022-0631

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2...

9.8CVSS6.7AI score0.00922EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-0481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference in Homebrew mruby prior to 3.2. CVE-2022-0481 Note that Nessus relies on the presence of the package as reported by the vendor...

7.8CVSS6.5AI score0.00918EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:28 a.m.10 views

CVE-2024-42381

os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...

8.3CVSS8.4AI score0.00647EPSS
Exploits0References1
NVD
NVD
added 2024/07/31 6:15 a.m.45 views

CVE-2024-42381

os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...

8.3CVSS0.00647EPSS
Exploits0References7
OSV
OSV
added 2024/07/31 12:0 a.m.9 views

CVE-2024-42381

os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...

8.3CVSS7.3AI score0.00647EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/07/31 12:0 a.m.36 views

CVE-2024-42381

os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...

8.3CVSS0.00647EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/07/31 12:0 a.m.15 views

CVE-2024-42381

os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...

8.3CVSS7.3AI score0.00647EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/07/31 12:0 a.m.4 views

PT-2024-29909 · Homebrew · Homebrew

Name of the Vulnerable Software and Affected Versions: Homebrew versions prior to 4.2.20 Description: The issue allows attackers to achieve code execution via an ELF file with a custom .interp section. This occurs during an un-sandboxed binary relocation phase, before a user would expect executio...

8.3CVSS7.4AI score0.00647EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/07/31 12:0 a.m.22 views

Homebrew 安全漏洞

Homebrew is a package manager in the Homebrew open source. A security vulnerability exists in Homebrew versions prior to 4.2.20, which stems from os/linux/elf.rb's use of ldd to load ELF files obtained from untrusted sources. An attacker can achieve code execution via an ELF file with a custom...

8.3CVSS7.3AI score0.00647EPSS
Exploits0References8
CVE
CVE
added 2024/07/31 12:0 a.m.75 views

CVE-2024-42381

In Homebrew, the Linux-specific file os/linux/elf.rb in brew prior to 4.2.20 uses ldd to load ELF files obtained from untrusted sources, enabling code execution via an ELF file with a custom .interp section during an un-sandboxed binary relocation phase. The tested vulnerable version is 237d1e783...

8.3CVSS7.4AI score0.00647EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2024/07/15 8:7 a.m.860 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

Collateral Damage Collateral Damage is a kernel exploit for Xb...

7CVSS7.2AI score0.68202EPSS
Exploits7
Kitploit
Kitploit
added 2024/06/08 12:30 p.m.44 views

Sttr - Cross-Platform, Cli App To Perform Various Operations On String

sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat, curl, printf...

7.4AI score
Exploits0References2
Openbugbounty
Openbugbounty
added 2024/03/02 5:59 a.m.9 views

longislandhomebrew.com Improper Access Control vulnerability OBB-3863752

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
OSV
OSV
added 2024/01/30 4:39 p.m.33 views

CVE-2024-23840 `goreleaser release --debug` shows secrets

GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. goreleaser release --debug log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0...

5.5CVSS5.3AI score0.0032EPSS
Exploits1References4
Kitploit
Kitploit
added 2023/04/28 12:30 p.m.49 views

Bearer - Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)

Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing SAST tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive da...

7.4AI score
Exploits0References10
Spring Security Advisories
Spring Security Advisories
added 2023/02/28 12:0 a.m.15 views

This Week in Spring - February 28th, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm writing this installment from a hotel room in Dallas, Texas, in the USA. Last night I had the privilege of hanging out with some of my friends from the local Java scene. Today I meet with customers. It's going to be a nic...

0.4AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2022-0326

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

5.5CVSS5.7AI score0.0081EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2022-0481

NULL Pointer Dereference in Homebrew mruby prior to 3.2...

7.5CVSS5.7AI score0.00918EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.5 views

SUSE CVE-2022-0525

Out-of-bounds Read in Homebrew mruby prior to 3.2...

9.1CVSS8.3AI score0.01153EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2022-0570

Heap-based Buffer Overflow in Homebrew mruby prior to 3.2...

9.8CVSS8.2AI score0.01243EPSS
Exploits1References3
Rows per page
Query Builder